I've previously successfully set up Exchange 2010 with a wildcard certificate, but I remember it wasn't exactly straightforward. I'm also more familiar with generating CSRs with openssl than Windows tools. My question is in two parts:

would life be simpler if I did not use a wildcard cert?

can I use a certificate in Exchange if I've had it issued against a CSR generated with openssl?

You can either generate a wildcard certificate for your email domain, or a unified communications/SAN certificate. If you aren't sure which subject alternative names to include in the UC certificate, you may want to use the wizard in the EMC to generate your CSR. Be sure to include any publicly accessible client-access hostnames and autodiscover.domain.com. Also include your send connector FQDNs if you want to utilize TLS for transport.

It is hard to see links in comments, which is why I've resorted to pasting URLs instead of hyperlinking. It looks like they do use the same parameters: /usr/bin/openssl pkcs12 -export -in /path/to/server.crt -inkey /path/to/server.key -certfile /path/to/cabundle.crt -out /path/to/new/server.pfx -passout file:/path/to/password.txt
–
Jeremy LyonsApr 10 '13 at 17:48